<?php 

class MoovPaySDK {

	function inquiry($secretKey, $merchantCode, $merchantID, $orderNumber, $orderTime, $reservedField='') {
		// $WebServiceURL = "https://pay.moovpay.com/gateway/api/queryTrans.do";
		$WebServiceURL = "https://paysit.moovpay.com/gateway/api/queryTrans.do";
		$headers = array("Content-Type: application/x-www-form-urlencoded; charset=utf-8");
		$parameters = array('signMethod' => '01',
							'txnType' => '01',
							'txnSubType' => '01',
							'bizType' => '000201',
							'channelType' => '07',
							'merCode' => $merchantCode,
							'merId' => $merchantID,
							'channel' => '001',
							'orderId' => $orderNumber,
							'txnTime' => $orderTime,
							'reqReserved' => $reservedField);
		$temp = $parameters;
		foreach ($temp as $key => $value) {
			if ($value == NULL) {
				unset($temp[$key]);
			}
		}
		$signature = $this->signature($temp, $secretKey);
		$parameters['signature'] = $signature;
		$postData = $this->buildParametersString($parameters, '&');

		$ch = curl_init();
		curl_setopt($ch, CURLOPT_URL, $WebServiceURL);
		curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
		curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
		curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
		curl_setopt($ch, CURLOPT_POST, 1);
		curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
		curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,0);
		curl_setopt($ch, CURLOPT_POSTFIELDS, $postData);

		$responseText = curl_exec($ch);
		$raw = explode('&', $responseText);
		$result = array();
		for ($i = 0; $i < count($raw) / 2; $i += 2) {
				$result[$raw[$i]] = $raw[$i + 1];
		}
		return $result;
	}

	function purchase($secretKey, $frontURL, $backendURL, $merchantCode, $merchantID, $merchantOrderNumber, $orderTime, $pan, $amount, $timeout, $reservedField='', $failURL='', $ip='', $description='', $reserved='') {
		// $WebServiceURL = "https://pay.moovpay.com/gateway/api/frontTrans.do";
		//sandbox
		$WebServiceURL = "https://paysit.moovpay.com/gateway/api/frontTrans.do";
		$headers = array("Content-Type: application/x-www-form-urlencoded; charset=utf-8");
		$parameters = array('signMethod' => '01',
							'txnType' => '01',
							'txnSubType' => '01',
							'bizType' => '000201',
							'channelType' => '07',
							'frontUrl' => $frontURL,
							'backUrl' => $backendURL,
							'merCode' => $merchantCode,
							'merId' => $merchantID,
							'channel' => '001',
							'orderId' => $merchantOrderNumber,
							'txnTime' => $orderTime,
							'accNo' => $pan,
							'txnAmt' => $amount,
							'payTimeout' => $timeout,
							'reqReserved' => $reservedField,
							'frontFailUrl' => $failURL,
							'customerIp' => $ip,
							'orderDesc' => $description,
							'reserved' => $reserved);
		$temp = $parameters;
		foreach ($temp as $key => $value) {
			if ($value == NULL) {
				unset($temp[$key]);
			}
		}
		$signature = $this->signature($temp, $secretKey);
		$temp['signature'] = $signature;
		$postData = $this->buildParametersString($temp, '&');

		$ch = curl_init();
		curl_setopt($ch, CURLOPT_URL, $WebServiceURL);
		curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
		curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
		curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
		curl_setopt($ch, CURLOPT_POST, 1);
		curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
		curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,0);
		curl_setopt($ch, CURLOPT_POSTFIELDS, $postData);

		$responseText = curl_exec($ch);
		echo $responseText;
		// $reader = json_decode($responseText, false, 512, JSON_BIGINT_AS_STRING);
	}

	function in_app_purchase($secretKey, $frontURL, $backendURL, $merchantCode, $merchantID, $merchantOrderNumber, $orderTime, $pan, $amount, $timeout, $reservedField='', $description='', $reserved='') {
		// $WebServiceURL = "https://pay.moovpay.com/gateway/api//appTrans.do";
		//sandbox
		$WebServiceURL = "https://paysit.moovpay.com/gateway/api//appTrans.do";
		$headers = array("Content-Type: application/x-www-form-urlencoded; charset=utf-8");
		$parameters = array('signMethod' => '01',
							'txnType' => '01',
							'txnSubType' => '01',
							'bizType' => '000201',
							'channelType' => '07',
							'frontUrl' => $frontURL,
							'backUrl' => $backendURL,
							'merCode' => $merchantCode,
							'merId' => $merchantID,
							'channel' => '001',
							'orderId' => $merchantOrderNumber,
							'txnTime' => $orderTime,
							'accNo' => $pan,
							'txnAmt' => $amount,
							'payTimeout' => $timeout,
							'reqReserved' => $reservedField,
							'orderDesc' => $description,
							'reserved' => $reserved);
		$temp = $parameters;
		foreach ($temp as $key => $value) {
			if ($value == NULL) {
				unset($temp[$key]);
			}
		}
		$signature = $this->signature($temp, $secretKey);
		$temp['signature'] = $signature;
		$postData = $this->buildParametersString($temp, '&');

		$ch = curl_init();
		curl_setopt($ch, CURLOPT_URL, $WebServiceURL);
		curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
		curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
		curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
		curl_setopt($ch, CURLOPT_POST, 1);
		curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
		curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,0);
		curl_setopt($ch, CURLOPT_POSTFIELDS, $postData);

		$responseText = curl_exec($ch);
		// return $responseText;
		return $responseText;
		// $reader = json_decode($responseText, false, 512, JSON_BIGINT_AS_STRING);
	}

	function verify($parameters, $publicKey) {
		$temp = $parameters;
		unset($temp['signature']);
		foreach ($temp as $key => $value) {
			if ($value == NULL) {
				unset($temp[$key]);
			}
		}
		$data = $this->buildParametersString($temp, '&');
		$key = openssl_get_publickey($publicKey);
		$signature = $parameters['signature'];
		$signature = str_replace('\/', '/', $signature);
		$signature = base64_decode($signature);
		$result = openssl_verify($data, $signature, $key, 'sha1WithRSAEncryption');
		return $result == 1;
	}

	function signature($parameters, $secretKey) {
		$raw = $this->buildParametersString($parameters, '&');
		$hash = hash('sha256', $secretKey);
		$raw .= "&".$hash;
		$signature = hash('sha256', $raw);
		return $signature;
	}

	function buildParametersString($parameters, $jointer='') {
		ksort($parameters);
		$temp = array();
		foreach ($parameters as $key => $value) {
			array_push($temp, $key.'='.$value);
		}
		return implode($jointer, $temp);
	}

	function buildJSONFromString($string, $jointer='', $separator='') {
		$rawParts = explode($jointer, $string);
		$data = array();
		foreach ($rawParts as $part) {
			$pair = explode($separator, $part);
			$data[$pair[0]] = $pair[1];
		}
		return json_encode($data);
	}
}

 ?>